To integrate LDAP authentication with Smarts SAM, a custom LDAP authentication method must be created in the sm_authority.pl file.
LDAP configuration parameters are then added to sso.conf, and environment variables are set to enable the custom authentication method.
All Supported Smarts releases
Important Note: Smarts does not support or ship AD-based authentication, or tools/scripts to authenticate users; this integration would be classified as an out of the box solution to integrate with AD.
Additionally, requirements vary with each user's environment, so these steps may differ depending on the environment in which they are implemented.
Please engage your Accounts team to bring in the Professional Solutions Engineering team should you need assistance with customization around the AD integration.
openldap-clients.x86_64).
Add the following parameters to <SmartsLocation>/smarts/local/conf/sso/sso.conf:
# --- LDAP Configuration ---
LDAP_ENABLED=1
LDAP_HOST=<Enter LDAP Host IP Here>
LDAP_PORT=<Enter LDAP Port Here> # Default:389
LDAP_BASE_DN=dc=tco,dc=com
LDAP_USER_OU=ou=Users # Enter user-configurable parameters
LDAP_USER_ATTRIBUTE=uid
LDAP_USE_TLS=0 # Set to 1 to enable StartTLS
LDAP_PRIVILEGE_ON_SUCCESS=All # Privilege to grant if LDAP auth succeeds
LDAP_AUTH_METHOD=ldapsearch
LDAP_PROTOCOL=ldap
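A pre-restart check for the LDAP block above, as an added example that is not part of the original article or of the Smarts product: it reads sso.conf and reports placeholders left unfilled, a bind that would travel without TLS, and the All privilege being granted on any successful bind. The function names, the finding labels and the treatment of LDAP_PROTOCOL=ldaps as LDAP over TLS are assumptions of this example; the sample values are constructed.

```bash
# Added example: audit the LDAP block of sso.conf before restarting the domain manager.
# Key names come from this page; the checks themselves are this example's own.

# Print KEY's value from FILE (last assignment wins), minus any trailing "# comment".
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//'
}

# Print one finding per line; return 1 if anything was reported, else 0.
audit_sso_conf() {
    local f="$1" rc=0 key val
    for key in LDAP_HOST LDAP_PORT LDAP_BASE_DN LDAP_USER_OU LDAP_USER_ATTRIBUTE; do
        val=$(conf_get "$f" "$key")
        case $val in
            ''|*'<'*'>'*) echo "UNSET $key is missing or still a <placeholder>"; rc=1 ;;
        esac
    done
    # Assumption: the custom script treats LDAP_PROTOCOL=ldaps as LDAP over TLS.
    if [ "$(conf_get "$f" LDAP_USE_TLS)" != 1 ] &&
       [ "$(conf_get "$f" LDAP_PROTOCOL)" != ldaps ]; then
        echo "CLEARTEXT bind password crosses the network unencrypted"; rc=1
    fi
    if [ "$(conf_get "$f" LDAP_PRIVILEGE_ON_SUCCESS)" = All ]; then
        echo "PRIVILEGE every account that binds successfully is granted All"; rc=1
    fi
    return "$rc"
}

# Constructed sample (not a real deployment): the page's template with host and port filled in.
write_sample_conf() {
    cat > "$1" <<'EOF'
LDAP_ENABLED=1
LDAP_HOST=192.0.2.10
LDAP_PORT=389 # Default:389
LDAP_BASE_DN=dc=tco,dc=com
LDAP_USER_OU=ou=Users
LDAP_USER_ATTRIBUTE=uid
LDAP_USE_TLS=0 # Set to 1 to enable StartTLS
LDAP_PRIVILEGE_ON_SUCCESS=All
LDAP_AUTH_METHOD=ldapsearch
LDAP_PROTOCOL=ldap
EOF
}

sample=$(mktemp) && write_sample_conf "$sample"
audit_sso_conf "$sample" || echo "sso.conf needs review before restart"
rm -f "$sample"
```

Against a real installation, pass the path to the sso.conf edited above; a non-zero return means at least one finding was printed.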
Copy the following files into the folder: <SmartsLocation>/smarts/local/conf/sso/
# Enable sm_authority.pl based authentication
export SM_AUTHORITY="IDENTIFY=sm_authority, AUTHENTICATE=<SmartsLocation>/smarts/bin/sm_perl <SmartsLocation>/smarts/local/conf/sso/sm_authority.pl"
export SM_SERVERCONNECT=<SmartsLocation>/smarts/conf/serverConnect.conf
After setting environment variables, restart the domain manager:
sm_service stop <Service Name>
sm_service start <Service Name>
Check Domain Manager server logs to ensure there are no SM_Authority-related errors.
Ensure Perl is running as part of the server start:
ps -ef | grep perl
Validate via DMCTL with LDAP credentials:
Note: The following example assumes INCHARGE-SAM is the domain manager configured to authenticate with LDAP:
./dmctl -s INCHARGE-SAM -b localhost:426
Server INCHARGE-SAM
User: user
user's Password: XXXXXXXXXX
Domain Manager Control Program (VERSION) – Type 'help' for a list of commands.
Attached to 'INCHARGE-SAM'
dmctl> exit
Validate via SAM Console: